git: 1a12f0aea81b - main - xen: fix initialization of grant table frame array

From: Roger Pau Monné <royger_at_FreeBSD.org>
Date: Mon, 06 Nov 2023 10:17:47 UTC
The branch main has been updated by royger:

URL: https://cgit.FreeBSD.org/src/commit/?id=1a12f0aea81b57d0dd2374047b8f4c97a037a8df

commit 1a12f0aea81b57d0dd2374047b8f4c97a037a8df
Author:     Roger Pau Monné <royger@FreeBSD.org>
AuthorDate: 2023-11-02 17:23:25 +0000
Commit:     Roger Pau Monné <royger@FreeBSD.org>
CommitDate: 2023-11-06 10:17:39 +0000

    xen: fix initialization of grant table frame array
    
    The current sizing of the array used to store grant table frames is broken, as
    the calculation:
    
           max_nr_glist_frames = (boot_max_nr_grant_frames *
                                  GREFS_PER_GRANT_FRAME /
                                  (PAGE_SIZE / sizeof(grant_ref_t)));
    
    Is plain bogus, for one, grant_ref_t is the type of the grant reference, but
    not the entry used to store such references in the grant frames.  But even if
    the above calculation is switched to use grant_entry_v1_t, it would end up as:
    
           max_nr_glist_frames = (boot_max_nr_grant_frames *
                                  (PAGE_SIZE / sizeof(grant_entry_v1_t)) /
                                  (PAGE_SIZE / sizeof(grant_entry_v1_t)));
    
    Which is pointless (note GREFS_PER_GRANT_FRAME has been expanded to (PAGE_SIZE
    / sizeof(grant_entry_v1_t))).
    
    Just use boot_max_nr_grant_frames directly to size the grant table frames
    array.
    
    Fixes: 30d1eefe3937 ("Import OS interfaces to Xen services.")
    Sponsored by: Citrix Systems R&D
---
 sys/dev/xen/grant_table/grant_table.c | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/sys/dev/xen/grant_table/grant_table.c b/sys/dev/xen/grant_table/grant_table.c
index 13ca966c1f90..1cf9fe5e339a 100644
--- a/sys/dev/xen/grant_table/grant_table.c
+++ b/sys/dev/xen/grant_table/grant_table.c
@@ -610,20 +610,12 @@ static int
 granttable_attach(device_t dev)
 {
 	int i;
-	unsigned int max_nr_glist_frames;
 	unsigned int nr_init_grefs;
 
 	nr_grant_frames = 1;
 	boot_max_nr_grant_frames = __max_nr_grant_frames();
 
-	/* Determine the maximum number of frames required for the
-	 * grant reference free list on the current hypervisor.
-	 */
-	max_nr_glist_frames = (boot_max_nr_grant_frames *
-			       GREFS_PER_GRANT_FRAME /
-			       (PAGE_SIZE / sizeof(grant_ref_t)));
-
-	gnttab_list = malloc(max_nr_glist_frames * sizeof(grant_ref_t *),
+	gnttab_list = malloc(boot_max_nr_grant_frames * sizeof(grant_ref_t *),
 	    M_DEVBUF, M_NOWAIT);
 
 	if (gnttab_list == NULL)
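
Review bot: the new allocation size, boot_max_nr_grant_frames * sizeof(grant_ref_t *), is an unchecked multiplication on a count assigned directly from __max_nr_grant_frames() a few lines earlier. Consider mallocarray(9) so the product is overflow-checked, for example mallocarray(boot_max_nr_grant_frames, sizeof(grant_ref_t *), M_DEVBUF, M_NOWAIT). The deleted comment was also the only in-code statement of what gnttab_list is sized for; a one-line comment saying the array now holds one pointer slot per grant frame would keep that documented next to the allocation.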